SKIP TO PAGE CONTENT

AC-5 Separation of Duties

Last Review: 10/1/2022

Statement

West Texas A&M (WTAMU) University shall ensure that technical controls are in place to support the principle of Separation of Duties is implemented to prevent errors and/or fraud. Separation of Duties is achieved by disseminating the tasks and associated privileges for a specific security process among multiple users and chains of command.

This ensures no single individual or organization should be able to both perpetuate and conceal irregularities resulting in unauthorized or unintentional modification or misuse of the university’s information resources. 


Applicability

The intended audience for this control includes, but is not limited to, all information resource data/owners, management personnel, and system administrators.

Separation of duties shall be implemented such that operational information resource functions are separated to prevent a single person from harming an operational information resource or the services it provides, whether by an intentional act, omission, or accident.

Implementation

  • Custodians and system administrators shall work with resource owners and management to identify and document processes that are susceptible to fraud.
  • Custodians and system administrators shall implement appropriate controls ensure that appropriate separation of duties within systems to prevent fraud from occurring.

Phone
Twitter
Facebook
Instagram
Mail